Now I'm thinking about a relay that uses some slow but flexible and customizeable process to filter incoming events like https://github.com/fiatjaf/jingle, but then use some very fast scheme to serve requests once they are approved.

I guess strfry could have a plugin for denying REQs and it would be basically this.

@Doug Hoyte what do you think? It could do like https://github.com/fiatjaf/khatru does it: once you deny a request a CLOSED message is returned and if it includes the "auth-required:" error prefix strfry issues an AUTH message first to give the client the option to authorize before it replies the request. 

 I'm thinking that there should generally only be one trigger to reject AUTH. So AcceptReq in relayer works well enough.